-
-
Notifications
You must be signed in to change notification settings - Fork 300
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CSRF cookie not set #146
Comments
Are you using the @csrf_exempt decorator on the ACS endpoint? See https://docs.djangoproject.com/en/2.2/ref/csrf/#utilities |
@pitbulk no I'm not as I thought it is not safe to bypass the csrf. But are you saying that is necessary for this to work? |
Is safe to bypass csrf on that particular ACS endpoint. |
Alright. |
As soon as I try to login using Google SSO on my python/django application I am redirected by Google to the ACS url but it gives me a forbidden 403 error. It says
csrf cookie not set
.The text was updated successfully, but these errors were encountered: